Thread starter: Jerry.Lin

[Virus Samples] [05.25] #VirusPackage 11x + Modified Samples

pal家族
Posted on 2018-5-26 13:04:18
aboringman posted on 2018-5-26 12:37
Uh, okay, I see it now, 2:16, that's really impressive......

Mm-hm
This one is after conversion to GMT+8
aboringman
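Posted on 2018-5-26 13:05:16
驭龙 posted on 2018-5-26 12:57
Here's a simpler way: hover the mouse over the Kaspersky tray icon and you can see the release time of the signature database; this and what the support page shows ...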

OK,got it......
小飞侠.net
Posted on 2018-5-29 22:31:08
This post was last edited by 小飞侠.net on 2018-5-29 23:15


X-Sec Antivirus ---(Windows 10 Creators Update(Redstone 4)....1803):

Basic Info:
---------------------
Database Version: 2018.05.27.01
Program Version: 2.1.1.0
Heuristic Engine: Enabled
Cloud Engine: Enabled
Enhanced Mode: Disabled
Backup Before Resolve: Yes
Resolve Threats: Scan only
Scan Priority: Normal
---------------------
Targets:
---------------------
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232
---------------------
2018-05-29 23:13:03 Threat Detected: C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Modified Samples\M(10).exe -- [Cloud] Cloud:Trojan.Win32.Injector
2018-05-29 23:13:03 Threat Detected: C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Modified Samples\M(11).exe -- [Cloud] Cloud:Trojan.Win32.Emotet
2018-05-29 23:13:05 Threat Detected: C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Modified Samples\M(2).exe -- [Classic] Trojan.Win32.Autoit.GD
2018-05-29 23:13:12 Threat Detected: C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Modified Samples\M(3).exe -- [Cloud] Cloud:Trojan.Win32.Injector
2018-05-29 23:13:15 Threat Detected: C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Modified Samples\M(1).exe -- [Cloud] Cloud:Trojan.Win32.Ransom
2018-05-29 23:13:17 Threat Detected: C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Modified Samples\M(4).exe -- [Cloud] Cloud:Trojan.Win32.Infostealer
2018-05-29 23:13:17 Threat Detected: C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Modified Samples\M(6).exe -- [Cloud] Cloud:Trojan.Win32.Generic
2018-05-29 23:13:18 Threat Detected: C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Modified Samples\M(7).exe -- [Cloud] Cloud:Trojan.Win32.Infostealer
2018-05-29 23:13:18 Threat Detected: C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Modified Samples\M(8).exe -- [Classic] Hacktool.Win32.Confuser.Aa
2018-05-29 23:13:18 Threat Detected: C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Modified Samples\M(5).exe -- [Cloud] Cloud:Trojan.Win32.LokiBot
2018-05-29 23:13:19 Threat Detected: C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Modified Samples\M(9).exe -- [Cloud] Cloud:Trojan.Win32.Generic
2018-05-29 23:13:20 Threat Detected: C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Samples\(10).exe -- [Cloud] Cloud:Trojan.Win32.Injector
2018-05-29 23:13:20 Threat Detected: C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Samples\(11).exe -- [Cloud] Cloud:Trojan.Win32.Emotet
2018-05-29 23:13:22 Threat Detected: C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Samples\(2).exe -- [Classic] Trojan.Win32.Autoit.GD
2018-05-29 23:13:29 Threat Detected: C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Samples\(3).exe -- [Cloud] Cloud:Trojan.Win32.Injector
2018-05-29 23:13:33 Threat Detected: C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Samples\(1).exe -- [Cloud] Cloud:Trojan.Win32.Ransom
2018-05-29 23:13:33 Threat Detected: C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Samples\(4).exe -- [Cloud] Cloud:Trojan.Win32.Infostealer
2018-05-29 23:13:34 Threat Detected: C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Samples\(6).exe -- [Cloud] Cloud:Trojan.Win32.Generic
2018-05-29 23:13:35 Threat Detected: C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Samples\(7).exe -- [Cloud] Cloud:Trojan.Win32.Infostealer
2018-05-29 23:13:35 Threat Detected: C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Samples\(8).exe -- [Classic] Hacktool.Win32.Confuser.Aa
2018-05-29 23:13:36 Threat Detected: C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Samples\(9).exe -- [Cloud] Cloud:Trojan.Win32.Trickbot
2018-05-29 23:13:36 Threat Detected: C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Samples\(5).exe -- [Cloud] Cloud:Trojan.Win32.LokiBot



Rising ---(Windows 10 Creators Update(Redstone 4)....1803): cloud engine (on), RDM+ engine (on)

                瑞星反恶软引擎命令行扫描器(社区交流版)                 


编译于:Sep 22 2017   15:07:50

提示:
  - 本工具供社区交流使用,请勿用于其他用途
  - 本工具没有恶意软件删除、清除、隔离功能
  - 本工具包含开发中的新特性,结果仅供参考

* 命令行中的选项开关:-output-json -log=C:\瑞星RDM+引擎\ScanLog_180529230114.log
* 获取恶软签名库最新版本 ...
* 下载恶软签名库配置文件 ...
* 创建恶软签名库升级组件 ...
* 计算并下载增量文件 ...
* 升级恶软签名库 ...
* 恶软签名库升级成功
* 扫描目标 : (1) C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232

* 加载恶软签名库: C:\瑞星RDM+引擎/malware.rmd
* 恶软签名库加载成功,发布序号为 4308
* 读取恶软签名库配置 ...
* 云辅助扫描组件初始化失败.
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
扫描开始: Tue May 29 23:01:39 2018

{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\Virus11x 0525Ergop2232\\Virus11x 0525\\Modified Samples\\M(11).exe","infect":{"engine":"rdmk","signature":"cmRtazoreEa03NsmWvi6YItFlbkv","threat":"Malware.Undefined!8.C"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\Virus11x 0525Ergop2232\\Virus11x 0525\\Modified Samples\\M(4).exe","infect":{"engine":"rdmk","signature":"cmRtazo/WkeNrWKVY3c+12IPLp+n","threat":"Stealer.Fareit!8.170"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\Virus11x 0525Ergop2232\\Virus11x 0525\\Modified Samples\\M(3).exe","infect":{"engine":"rdmk","signature":"cmRtazqj5aBM8Kb2poAjElzoWkQM","threat":"Malware.Heuristic!ET#94%"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\Virus11x 0525Ergop2232\\Virus11x 0525\\Modified Samples\\M(1).exe","infect":{"engine":"rdmk","signature":"cmRtazp5Ug2jrZZ6Xs5ATIuN3rdu","threat":"Malware.Heuristic!ET#80%"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\Virus11x 0525Ergop2232\\Virus11x 0525\\Modified Samples\\M(5).exe","infect":{"engine":"rdmk","signature":"cmRtazoJO5rsf/gNDbgOLigAZaQL","threat":"Malware.Heuristic!ET#90%"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\Virus11x 0525Ergop2232\\Virus11x 0525\\Modified Samples\\M(2).exe","infect":{"engine":"rdmk","signature":"cmRtazrR6d8tj1QhX2Sbmg7FLbv3","threat":"Malware.Heuristic!ET#99%"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\Virus11x 0525Ergop2232\\Virus11x 0525\\Modified Samples\\M(7).exe","infect":{"engine":"rdmk","signature":"cmRtazpTD9MZOqiLTRlh4FJkJLK9","threat":"Malware.Heuristic!ET#91%"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\Virus11x 0525Ergop2232\\Virus11x 0525\\Modified Samples\\M(9).exe","infect":{"engine":"rdmk","signature":"cmRtazp9g90HTTx/voBq8AMvYf+h","threat":"Trojan.GenKryptik!8.AA55"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\Virus11x 0525Ergop2232\\Virus11x 0525\\Samples\\(11).exe","infect":{"engine":"sha1","signature":"c2hhMTpJS2/sr0PbLCoH5w9eMTjwNRDa1Q","threat":"Malware.Undefined!8.C"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\Virus11x 0525Ergop2232\\Virus11x 0525\\Modified Samples\\M(6).exe","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\Virus11x 0525Ergop2232\\Virus11x 0525\\Modified Samples\\M(8).exe","infect":{"engine":"sha1","signature":"c2hhMTpr5M+V/25bFFnJvHCTGVJ88amqBA","threat":"Dropper.Randrew!8.82BE"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\Virus11x 0525Ergop2232\\Virus11x 0525\\Samples\\(1).exe","infect":{"engine":"sha1","signature":"c2hhMTrp26VvCpJ+036dueo4M6GIYeihkg","threat":"Ransom.Agent!8.6B7"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\Virus11x 0525Ergop2232\\Virus11x 0525\\Samples\\(2).exe","infect":{"engine":"sha1","signature":"c2hhMTptnb/KTB9kE2DmC/PvH6UiPk98PA","threat":"Backdoor.Xtrat!8.B25"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\Virus11x 0525Ergop2232\\Virus11x 0525\\Samples\\(3).exe","infect":{"engine":"sha1","signature":"c2hhMTrtIJur54mtBc8BfYaNt0s4t5XK+w","threat":"Trojan.Kryptik!8.8"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\Virus11x 0525Ergop2232\\Virus11x 0525\\Samples\\(4).exe","infect":{"engine":"sha1","signature":"c2hhMTqLRf2YMSSp9SmbV7PxlOsEDRuwPA","threat":"Stealer.Fareit!8.170"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\Virus11x 0525Ergop2232\\Virus11x 0525\\Samples\\(6).exe","infect":{"engine":"sha1","signature":"c2hhMTqn8LOEdk2fNeZrBRAqLO7FfBeesg","threat":"Trojan.Kryptik!8.8"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\Virus11x 0525Ergop2232\\Virus11x 0525\\Samples\\(7).exe","infect":{"engine":"rdmk","signature":"cmRtazpTD9MZOqiLTRlh4FJkJLK9","threat":"Malware.Heuristic!ET#91%"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\Virus11x 0525Ergop2232\\Virus11x 0525\\Samples\\(5).exe","infect":{"engine":"sha1","signature":"c2hhMTpDKs8+mahgeSMvIxBMXg9eSrkQOQ","threat":"Trojan.Injector!1.AFE3"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\Virus11x 0525Ergop2232\\Virus11x 0525\\Samples\\(8).exe","infect":{"engine":"rdmk","signature":"cmRtazquqksiU1qKsTpp59ze1dga","threat":"Malware.Heuristic!ET#92%"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\Virus11x 0525Ergop2232\\Virus11x 0525\\Modified Samples\\M(10).exe","infect":{"engine":"sha1","signature":"c2hhMTpEHbZPDsO6O2nCRBFWBDV+pZBHiQ","threat":"Trojan.Injector!8.C4"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\Virus11x 0525Ergop2232\\Virus11x 0525\\Samples\\(9).exe","infect":{"engine":"sha1","signature":"c2hhMTo9Q1dqqwKhaXClcXRT2B+XimhhGQ","threat":"Trojan.GenKryptik!8.AA55"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\Virus11x 0525Ergop2232\\Virus11x 0525\\Samples\\(10).exe","infect":{"engine":"sha1","signature":"c2hhMTpEHbZPDsO6O2nCRBFWBDV+pZBHiQ","threat":"Trojan.Injector!8.C4"},"type":"scan"}

扫描结束: Tue May 29 23:01:40 2018

总扫描耗时: 0:1:125(m:s:ms)
总扫描对象: 30
总扫描文件: 22
总恶意文件: 21
有效检出率: 95.45%



Emsisoft Emergency Kit - 版本 2018.4
上次更新: 2018-05-29 22:00:35
用户帐号: TECLAST\Admin
电脑名称: TECLAST
操作系统版本: Windows 10x64

Emsisoft Emergency Kit portable free edition
(Enabled) Joined the Emsisoft cloud; update feed: beta
    Bitdefender (B) + Emsisoft (A) dual engine

扫描设置:

扫描方式: 自定义扫描
对象: Rootkits, 内存, C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\

检测流氓软件(PUPs): On
扫描压缩包: On
扫描邮件存档: Off
ADS数据流: On
文件扩展名过滤: Off
直接磁盘访问: Off

扫描开始于:        2018-05-29 22:58:14
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Modified Samples\M(2).exe -> (AutoIT Script) -> (unicode)         发现风险: AIT:Trojan.Nymeria.364 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Modified Samples\M(2).exe -> (heurC)         发现风险: Zum.Locky.3 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Samples\(10).exe -> (NSIS o) -> lzma_solid_nsis0003         发现风险: Trojan.GenericKD.30864605 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Modified Samples\M(10).exe         发现风险: Trojan.GenericKD.30879842 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Modified Samples\M(4).exe         发现风险: Trojan.GenericKD.30875770 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Modified Samples\M(5).exe         发现风险: Trojan.Agent.Delf.RXI (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Modified Samples\M(6).exe         发现风险: Trojan.GenericKD.30875721 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Modified Samples\M(3).exe         发现风险: Trojan.GenericKD.30874893 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Modified Samples\M(9).exe         发现风险: Trojan.Agent (A) [294024]
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Modified Samples\M(8).exe         发现风险: Trojan.GenericKD.30875729 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Modified Samples\M(1).exe         发现风险: Trojan.GenericKD.30867062 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Modified Samples\M(7).exe         发现风险: Gen:Variant.Symmi.55535 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Samples\(11).exe         发现风险: Trojan.GenericKD.30874520 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Samples\(3).exe         发现风险: Trojan.GenericKD.30874893 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Samples\(4).exe         发现风险: Trojan.GenericKD.30871374 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Samples\(2).exe         发现风险: Gen:Variant.Strictor.159983 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Samples\(1).exe         发现风险: Trojan.GenericKD.30867062 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Samples\(6).exe         发现风险: Trojan.GenericKD.30873975 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Samples\(5).exe         发现风险: Trojan.GenericKD.30874906 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Samples\(9).exe         发现风险: Trojan.Agent (A) [294024]
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Samples\(7).exe         发现风险: Trojan.GenericKD.30875823 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Samples\(8).exe         发现风险: Trojan.GenericKD.30875729 (B) [krnl.xmd]

已扫描        1952
发现        22

扫描完成后:        2018-05-29 22:58:43
扫描时间:        0:00:29


ESET Smart Security Premium 64-bit (advanced heuristics (Y) + archives (Y) + self-extracting archives and runtime packers (Y) + DNA smart signatures (Y)) ++ (Windows 10 Creators Update(Redstone 4)....1803):
日志
正在扫描日志
检测引擎的版本: 17459P (20180528)
日期: 2018-05-29  时间: 22:50:27
已扫描的磁盘、文件夹和文件: C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Modified Samples\M(1).exe - MSIL/Filecoder.LV 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Modified Samples\M(10).exe > NSIS > redox.dll - Win32/Injector.DYFH 特洛伊木马 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Modified Samples\M(11).exe - Win32/Kryptik.GHCE 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Modified Samples\M(2).exe > AUTOIT > script.bin - Win32/Injector.Autoit.DGN 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Modified Samples\M(3).exe - MSIL/Kryptik.NGX 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Modified Samples\M(4).exe - Win32/PSW.Fareit.A 特洛伊木马 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Modified Samples\M(5).exe - Win32/Injector.DYFO 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Modified Samples\M(6).exe - Win32/TrojanDownloader.Zurgop.DA 特洛伊木马 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Modified Samples\M(7).exe - Win32/Injector.DYEK 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Modified Samples\M(8).exe - MSIL/Kryptik.OAL 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Modified Samples\M(9).exe - Win32/GenKryptik.CATO 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Samples\(1).exe - MSIL/Filecoder.LV 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Samples\(10).exe > NSIS > redox.dll - Win32/Injector.DYFH 特洛伊木马 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Samples\(11).exe - Win32/Kryptik.GHCE 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Samples\(2).exe > AUTOIT > script.bin - Win32/Injector.Autoit.DGN 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Samples\(3).exe - MSIL/Kryptik.NGX 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Samples\(4).exe - Win32/PSW.Fareit.A 特洛伊木马 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Samples\(5).exe - Win32/Injector.DYFO 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Samples\(6).exe - Win32/TrojanDownloader.Zurgop.DA 特洛伊木马 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Samples\(7).exe - Win32/Injector.DYEK 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Samples\(8).exe - MSIL/Kryptik.JYE 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\Virus11x 0525Ergop2232\Virus11x 0525\Samples\(9).exe - Win32/GenKryptik.CATO 特洛伊木马 的变种 - 通过删除清除 [1]
已扫描的对象数: 36
发现的威胁数: 22
已清除对象数: 22
完成时间: 22:51:10  总扫描时间: 43 秒 (00:00:43)

备注:
[1] 由于对象中仅包含病毒主体,因此已被删除。




Dr.Web CureIt! Simplified Chinese portable free edition ---( Windows 7 Ultimate with SP1, Simplified Chinese Ultimate edition....):

-----------------------------------------------------------------------------
Start scanning
-----------------------------------------------------------------------------
Command line used:-rpcep:\pipe\27063C916 -rpcpr:np

Limit the use of the computer resources to 100%
Instances used for this session: 10
Object(s) to scan:
- C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525


C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Modified Samples\M(11).exe - infected with Trojan.PWS.Spy.20938
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Modified Samples\M(11).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Modified Samples\M(4).exe - infected with Trojan.PWS.Stealer.1932
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Modified Samples\M(4).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Modified Samples\M(10).exe - infected with Trojan.Inject1.54688
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Modified Samples\M(10).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Modified Samples\M(8).exe - infected with Trojan.Inject2.62326
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Modified Samples\M(8).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Modified Samples\M(2).exe - infected with Trojan.Virtumod.11842
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Modified Samples\M(2).exe - infected
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Modified Samples\M(6).exe is ZLIB container
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Modified Samples\M(6).exe - container
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Samples\(11).exe - infected with Trojan.PWS.Spy.20938
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Samples\(11).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Modified Samples\M(9).exe - infected with Trojan.Trick.45128
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Modified Samples\M(9).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Modified Samples\M(5).exe - infected with Trojan.DownLoader26.39159
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Modified Samples\M(5).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Samples\(5).exe - infected with Trojan.DownLoader26.39159
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Samples\(5).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Modified Samples\M(7).exe - infected with Trojan.PWS.Siggen2.3672
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Modified Samples\M(7).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Samples\(2).exe - infected with Trojan.Virtumod.11842
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Samples\(2).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Modified Samples\M(3).exe - infected with Trojan.DownLoader26.33628
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Modified Samples\M(3).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Samples\(4).exe - infected with Trojan.PWS.Stealer.1932
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Samples\(4).exe - infected
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Samples\(10).exe is NSIS container
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Samples\(10).exe\redox.dll - infected with Trojan.Inject3.9142
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Samples\(10).exe - infected container
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Samples\(3).exe - infected with Trojan.DownLoader26.33628
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Samples\(3).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Samples\(9).exe - infected with Trojan.Trick.45128
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Samples\(9).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Samples\(7).exe - infected with Trojan.PWS.Siggen2.3672
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Samples\(7).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Samples\(8).exe - infected with Trojan.Inject2.62326
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Samples\(8).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Modified Samples\M(1).exe - infected with Trojan.MulDrop8.24228
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Modified Samples\M(1).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Samples\(1).exe - infected with Trojan.MulDrop8.24228
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Samples\(1).exe - infected
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Samples\(6).exe is ZLIB container
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Samples\(6).exe - container

Total 14934156 bytes in 22 files scanned (32 objects)
Total 2 files (11 objects) are clean
Total 20 files are infected
Scan time is 00:00:02.091




Huorong Security ---( Windows 7 Ultimate with SP1, Simplified Chinese Ultimate edition....): some unknown files have been sent to seclab@huorong.cn, waiting for them to be processed...

病毒库:2018-05-29 15:43
开始时间:2018-05-29 22:29
总计用时:00:00:05
扫描对象:42个
扫描文件:22个
发现风险:22个
已处理风险:0个
发现系统修复项:0个
处理系统修复项:0个

病毒详情

风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Modified Samples\M(1).exe, 病毒名:Ransom/Ergop.a, 病毒ID:[5127ca5069c3ac96], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Modified Samples\M(11).exe, 病毒名:Trojan/Generic!4FEA7028E99604A2, 病毒ID:[4fea7028e99604a2], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Modified Samples\M(4).exe, 病毒名:Trojan/Generic!584D61BA7BC8AC4F, 病毒ID:[584d61ba7bc8ac4f], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Modified Samples\M(3).exe, 病毒名:Trojan/Generic!621CD8CCCC4B9793, 病毒ID:[621cd8cccc4b9793], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Modified Samples\M(6).exe, 病毒名:Trojan/Generic!174461317AA549E4, 病毒ID:[174461317aa549e4], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Modified Samples\M(5).exe, 病毒名:Trojan/Generic!909B815186218AB6, 病毒ID:[909b815186218ab6], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Modified Samples\M(7).exe, 病毒名:Trojan/Generic!56D8A2CD3D9C6A72, 病毒ID:[56d8a2cd3d9c6a72], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Modified Samples\M(8).exe, 病毒名:Trojan/Generic!CB2019BE4CB1412E, 病毒ID:[cb2019be4cb1412e], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Modified Samples\M(9).exe, 病毒名:HEUR:Trojan/Crypt, 病毒ID:[8cbb994e4aa410b5], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Modified Samples\M(10).exe, 病毒名:Trojan/Generic!8E22A38774C14A78, 病毒ID:[8e22a38774c14a78], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Samples\(11).exe, 病毒名:Trojan/Generic!CF5A8A29D749CEA9, 病毒ID:[cf5a8a29d749cea9], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Samples\(10).exe, 病毒名:Trojan/Generic!0D71340963CDAEEC, 病毒ID:[d71340963cdaeec], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Samples\(3).exe, 病毒名:Trojan/Generic!57C228E9251154C7, 病毒ID:[57c228e9251154c7], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Samples\(4).exe, 病毒名:Trojan/Generic!9DE863135273D1EC, 病毒ID:[9de863135273d1ec], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Samples\(1).exe, 病毒名:Ransom/Ergop.a, 病毒ID:[5127ca5069c3ac96], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Samples\(5).exe, 病毒名:Trojan/Generic!FB61DF03239AE932, 病毒ID:[fb61df03239ae932], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Samples\(6).exe, 病毒名:Trojan/Generic!04FF44064662C727, 病毒ID:[4ff44064662c727], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Samples\(7).exe, 病毒名:Trojan/Generic!0262D7FB88115826, 病毒ID:[262d7fb88115826], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Samples\(8).exe, 病毒名:Trojan/Generic!F695729F73E0BD01, 病毒ID:[f695729f73e0bd01], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Samples\(9).exe, 病毒名:HEUR:Trojan/Crypt, 病毒ID:[8cbb994e4aa410b5], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Modified Samples\M(2).exe, 病毒名:HVM:Trojan/Injector.gen!A, 病毒ID:[cc4a875f53a5d678], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525\Samples\(2).exe, 病毒名:HVM:Trojan/Injector.gen!A, 病毒ID:[cc4a875f53a5d678], 处理结果:已忽略


文件名称: C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus11x 0525.rar
文件大小: 6.73 MB (7,062,846 字节)
修改时间: 2018年05月29日,22:26:55
MD5: 39FD81CA1B0F1C4E103D6D83796A237C
SHA1: 16D4B90AC926A0559417CF8C1B5B94549B7E0A1F
SHA256: F18385A984F9E1534837A3FBD2E2E5B246F225A0FE4E558314585CD7C195E0EA
SHA512: 5D4D1A12746809F5C37C554C565E2FEE431FC1007B023FA14E2473E3C760A9D54115282F6656CAC3AC5084E7B301EDA20484BD5C668E21FD7F8B8B2F6919EF4E
CRC32: D4B5C2F7
计算时间: 0.48s
